Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 227
  • Last Modified:

Mac and Windows domain

We are setting up a new network with both PC and Mac.  My question is can all modern Macs join a Windows domain and share the resources on that domain?  Also, can I create a user in AD and then have that be the same user authenticating on the Mac?
0
al4629740
Asked:
al4629740
2 Solutions
 
Manuel FloresCommented:
According to this, it would be possible, however a didn't test to tell how good is;
https://www.pluralsight.com/blog/tutorials/join-mac-to-windows-domain

I used in the past a third-party software called ExtremZ-IP now belongs to Acronis.  It worked perfectly for several years.  I had a Dell poweredge Windows 2003 domain server, and a mixture of PC and Macs with its own problems about filename length and others which ExtremZ-IP solved perfectly;
http://www.acronis.com/en-us/mobility/mac-windows-compatibility/

..MFlores.
0
 
Joseph HornseyPresident and JanitorCommented:
Actually, I believe you can.  I don't know how well it works, but I've run across it.

I'm not a Mac guy, so I'm no expert - and I know Microsoft won't support it - but I had to look at it a couple of years ago.

Here's the article I referenced.
0
 
al4629740Author Commented:
Would there be a problem if the windows server is virtual and the Mac has to connect to it?
0
 
Manuel FloresCommented:
Not more than being a physical machine in my opinion.
0
 
jhyieslaCommented:
Yes, you can definitely join a Mac to a Windows domain. I am on a Mac right now that is connected to AD. I joined the Mac to the domain  https://support.apple.com/kb/PH18884?locale=en_US

I log in with my AD credentials and I am both administering my Mac as well as I have whatever permission my user guy has to AD on the network. I would suggest not setting up the user first on the Mac.  Log into the Mac as the local admin and join the domain and then log in as the domain user.  You can go back and give whatever rights you want to the user on the Mac or accept the defaults. Having local Mac user and a domain user with the same name may not work, just as it doesn't on Windows unless you specify the name\username format.  I find it easier to just create a local Mac admin and let him do all the local work and then if you want the user to administer the Mac, adjust his settings appropriately.

Also, it doesn't make any difference whether the windows servers are real or virtual.
0
 
serialbandCommented:
Short answer is Yes.

Macs can join an AD and use AD for Single Sign On authentication.  You just don't have Group Policy, unless you purchase 3rd party programs to translate the policies.

You can create shares and add users permissions from domain accounts.  The domain user can also get admin permissions to the Mac, if you wish to grant admin permissons.

If you have a laptop that roams, you just need to enable the Domain account as a mobile account, or you won't be able to log in when you are no longer connected to the Domain network.  It's always best to create a local admin account to also manage the Mac in case of specific domain failures that might lock out your account, but you don't really need it.  It's similar to Windows systems on the domain.
0
Tackle projects and never again get stuck behind a technical roadblock.
Join Now